Document SBOM ingestion; also mentioned daemon ingestion #168

Open
wants to merge 5 commits into
base: main

Ritesh-Udgata

Closes #140
Closes #142


netlify bot commented Oct 30, 2024

Deploy Preview for resonant-wisp-1a517a ready!

Name Link
🔨 Latest commit b910589
🔍 Latest deploy log https://app.netlify.com/sites/resonant-wisp-1a517a/deploys/672336e52329f60008705f33
😎 Deploy Preview https://deploy-preview-168--resonant-wisp-1a517a.netlify.app

Signed-off-by: Ritesh <[email protected]>
Collaborator

funnelfiasco left a comment


It's off to a good start. As in your other PR, let's add a table of command line options and replace the top line with something like

```yaml
---
layout: page
title: Ingesting SBOMs into GUAC
permalink: /ingesting-sboms/
---
```

I suggest renaming the file to sbom-ingestion.md as well.

guac-SBOM-ingestion.md (Outdated)
- You can send SBOMs directly to GUAC using its API.
- Example API request:
```bash
curl -X POST -F "[email protected]" http://guac-server/v0/ingest
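Review bot: the example request on the `curl` line posts the SBOM to `http://guac-server/v0/ingest` over plain HTTP with no credential, and nothing around it says which GUAC component exposes `/v0/ingest`. Name the component and link the API reference that defines the route, and if the example is kept, state whether the endpoint expects authentication or TLS.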
Collaborator


What's the source for this? This does not work on my local GUAC instance.

guac-SBOM-ingestion.md (Outdated)
### Recommended Configuration for Daemon Mode

To use daemon-mode ingestion effectively, ensure the following:
1. **Install and configure** the appropriate collectors (e.g., GCS, GitHub, or local directory collectors).
Collaborator


The collectors are built-in

Comment on lines 68 to 77
### Recommended Configuration for Daemon Mode

To use daemon-mode ingestion effectively, ensure the following:
1. **Install and configure** the appropriate collectors (e.g., GCS, GitHub, or local directory collectors).
2. **Configure polling intervals** to balance between frequency and system load.
3. **Verify connectivity** between GUAC and the data source to avoid ingestion delays.

Example of starting GUAC in daemon mode:
```bash
guac-server --config /path/to/config.yaml --daemon
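Review bot: items 2 and 3 of the numbered list ask the reader to configure polling intervals and verify connectivity without naming a setting or a command for either. Name the configuration key and show the check, or drop the steps. The `--config /path/to/config.yaml` argument in the example also points at a file whose format this hunk never shows.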
Collaborator


Again, this command is not a binary that we ship. See guacsec/guac#1005 (comment)

Comment on lines 80 to 88
---

### Conclusion

SBOM ingestion in GUAC supports both **manual and automated** workflows:
- **Manual ingestion** is suited for individual files and testing.
- **Daemon-mode ingestion** allows for **automatic polling** from collectors like GCS.

With both options available, GUAC can integrate seamlessly into various workflows, from CI/CD pipelines to periodic compliance checks.
Collaborator


This section is unnecessary.

@Ritesh-Udgata
Author

  1. Changed file name
  2. Updated title
  3. Removed Syft's native format support point.
  4. Dropped "What is not supported" section.
  5. Added a correct example to ingest an SBOM file into GUAC
  6. Dropped the Chain Loop callout section
  7. Since collectors are built-in for daemon mode, dropped the point
  8. Dropped the example for starting GUAC in daemon mode.
  9. Removed conclusion

Signed-off-by: Ritesh <[email protected]>
Comment on lines 35 to 46
2. **Daemon-Mode Ingestion (Polling Collectors)**:
- When configured, GUAC operates in **daemon mode**, using collectors (like GCS) to poll for new SBOMs at regular intervals.
- **How to Enable Daemon Mode**:
- Set up a configuration file specifying the collector sources.
- Example of a collector config:
```yaml
collectors:
- type: gcs
bucket: my-sbom-bucket
pollingInterval: 5m
```
- Once activated, GUAC will **automatically fetch and ingest** SBOMs from the specified source.
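Review bot: the step "Set up a configuration file specifying the collector sources" gives no file name or location and no command that reads it, so the reader cannot tell how the `collectors:` snippet gets applied. State where the file lives and which command loads it, and say how GUAC authenticates to `my-sbom-bucket`, since the snippet carries no credential or identity setting.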
Collaborator


What's your source for that example collector config? It doesn't line up with the comment I left in the last round of review.

Successfully merging this pull request may close these issues.

- Document daemon-mode ingestion
- Document how to ingest SBOMs